Описание
Format string vulnerability in the log_message function in lks.c in Linux Kiss Server 1.2, when background (daemon) mode is disabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in an invalid command.
Ссылки
- Exploit
- Vendor Advisory
- ExploitURL Repurposed
- Exploit
- Vendor Advisory
- ExploitURL Repurposed
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:linux_kiss_server:linux_kiss_server:1.2:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05571
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-134
Связанные уязвимости
github
почти 4 года назад
Format string vulnerability in the log_message function in lks.c in Linux Kiss Server 1.2, when background (daemon) mode is disabled, allows remote attackers to cause a denial of service (crash) or execute arbitrary code via format string specifiers in an invalid command.
EPSS
Процентиль: 90%
0.05571
Низкий
6.8 Medium
CVSS2
Дефекты
CWE-134